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REAL PARTY IN INTEREST 

The real party in interest in this appeal is the following party: International Business Machines 
Corporation. 
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RELATED APPEALS AND INTERFERENCES 

With respect to other appeals or interferences that will directly affect, or be directly affected by, or 
have a bearing on the Board's decision in the pending appeal, there are no such appeals or 
interferences. 
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STATUS OF CLAIMS 



A. TOTAL NUMBER OF CLAIMS IN APPLICATION 

Claims in the application are: 1-41 



B. STATUS OF ALL THE CLAIMS TN APPLICATION 

1 . Claims canceled: 3 and 22 

2. Claims withdrawn from consideration but not canceled: NONE 

3. Claims pending: 1 , 2, 4-21 and 23-32 

4. Claims allowed: NONE 

5. Claims rejected: 1 , 2, 4-21 and 23-32 

6. Claims objected to: NONE 

C* CLAIMS ON APPEAL 

The claims on appeal are: 1,2,4-21 and 23-32 
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STATUS OF AMENDMENTS 

An Amendment after Final Rejection was not filed Therefore, claims 1, 2, 4-21 and 23-32 on 
appeal herein are as presented in the Response to Office Action filed October 1 5, 2004. 
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SUMMARY OF CLAIMED SUBJECT MATTER 
CLAIM 1 - INDEPENDENT 

The subject matter of claim 1 is directed to a method for managing access to data in a 
keystore in a data processing system. A request for access to an item of data is received from a 
requestor, (Specification, pg. 15, lines 14 - 16; Figure 6, step 600) wherein the item of data is an 
encrypted item of data, which is encrypted using a first key (Specification, pg. 15, lines 16-18; 
Figure 6, step 602). A determination of whether the requestor is a trusted requestor is made 
(Specification, pg. 1 5, lines 16-18; Figure 6, step 602). This determination is made by 
checking the requestor's identity against a codebase of trusted users (Specification, pg. 8, lines 
26 - 27). In response to a determination that the requestor is a trusted requestor, a copy of the 
requested item of data is decrypted using a second key (Specification, pg. 8, lines 26 - 27; pg. 10, 
lines 12-19; Figure 3, 322; Figure 6, step 606). The decrypted copy of the requested item of data 
is sent to the requestor (Specification, pg 10, lines 19-20; pg. 16, lines 4-5; Figure 6* step 
608). 

CLAIM 12 - INDEPENDENT 

The subject matter of claim 12 is directed to a Keystore system. The Keystore system 
includes a Keystore object and a Keystore process (Specification pg. 9, line 19 - pg 10, line 12; 
Figure 3, 300, 318). The Keystore object includes a key and a plurality of entries wherein each 
entry of the plurality of entries is encrypted using the key (Specification pg. 9, lines 22 — 26; 
Figure 3, 302, 310). The Keystore process provides access to the plurality of entries in response 
to a request from a trusted application (Specification pg. 10, lines 14-15). The determination as 
to whether or not an application is a trusted application is performed by checking an application's 
identity against a trusted codebase (Specification, pg. 8, lines 26 - 27). In response to a request 
from a trusted application, the Keystore process provides the key to the encrypted plurality of 
entries to the application (Specification pg. 10, lines 17 - 20). 
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CLAIM 20 - INDEPENDENT 

The subject matter of claim 20 is directed to a data processing system for managing 
access to data in a datastore. The data processing system comprises a receiving means 
(Specification, pg. 6, lines 8-9; Figure 2, 220), a determining means (Specification, pg. 6, lines 
8-9; Figure 2, 202), and a sending means (Specification, pg. 6, lines 8-9; Figure 2, 206). The 
receiving means receives a request for access to an item of data from a requestor, (Specification, 
pg. 1 5, lines 14 - 16; Figure 6, step 600) wherein the item of data is an encrypted item of data, 
which is encrypted using a first key (Specification, pg. 15, lines 16 - 18; Figure 6, step 602). 
The determining means determines whether the requestor is a trusted requestor (Specification, 
pg. 1 5, lines 16-18; Figure 6, step 602). This determination is made by checking the 
requestor's identity against a codebase of trusted users (Specification, pg. 8, lines 26 - 27). In 
response to a determination that the requestor is a trusted requestor, a copy of the requested item 
of data is decrypted using a second key (Specification, pg. 8, lines 26 - 27; pg. 1 0, lines 12-1 9; 
Figure 3, 322; Figure 6, step 606). The sending means sends the decrypted copy of the requested 
item of data is sent to the requestor (Specification, pg 10, lines 19 - 20; pg. 16, lines 4-5; 
Figure 6, step 608). 

CLAIM 32 - INDEPENDENT 

The subject matter of claim 32 is directed to a computer program product in a computer 
readable medium tor managing access to data in a datastore. A first set of instructions receives a 
request for access to an item of data from a requestor, (Specification, pg. 15, lines 14 - 16; 
Figure 6, step 600) wherein the item of data is an encrypted item of data, which is encrypted 
using a first key (Specification, pg. 15, lines 16-18; Figure 6, step 602). A second set of 
instructions determines whether the requestor is a trusted requestor (Specification, pg. 15, lines 
16-18; Figure 6, step 602). This determination is made by checking the requestor's identity 
against a codebase of trusted users (Specification, pg. 8, lines 26 - 27). In response to a 
determination that the requestor is a trusted requestor, a third set of instructions decrypts a copy 
of the requested item of data using a second key (Specification, pg. 8, lines 26 - 27; pg. 10, lines 
12-19; Figure 3, 322; Figure 6, step 606). A fourth set of instructions sends the decrypted copy 
of the requested item of data to the requestor (Specification, pg 10, lines 19-20; pg. 16, lines 4 - 
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5; Figure 6, step 608). 

CLAIM 4 - DEPENDENT 

The subject matter of claim 4 is directed to a method for managing access to data in a 
keystore in a data processing system. A request for access to an item of data is received from a 
requestor, (Specification, pg. 15 , lines 14 - 16; Figure 6, step 600) wherein the item of data is an 
encrypted item of data, which is encrypted using a first key (Specification, pg. 1 5, lines 16-18; 
Figure 6, step 602), and wherein the item of data is another key (Specification, pg. 1 0, lines 7 - 
8; Figure 3, 310). A determination of whether the requestor is a trusted requestor is made 
(Specification, pg. 15, lines 16-18; Figure 6, step 602). This determination is made by 
checking the requestor's identity against a codebase of trusted users (Specification, pg. 8, lines 
26 - 27). In response to a determination that the requestor is a trusted requestor, a copy of the 
requested item of data is decrypted using a second key (Specification, pg. 8 } lines 26 - 27; pg. 10, 
lines 12-19; Figured, 322; Figure 6, step 606). The decrypted copy of the requested item of data 
is sent to the requestor (Specification, pg 10, lines 19 - 20; pg. 16, lines 4-5; Figure 6, step 
608). 

CLAIM 6 - DEPENDENT 

The subject matter of claim 6 is directed to a method for managing access to data in a 
keystore in a data processing system. A request for access to an item of data is received from a 
requestor, (Specification, pg. 1 5, lines 14-16; Figure 6, step 600) wherein the item of data is an 
encrypted item of data, which is encrypted using a first key (Specification, pg. 15, lines 16-18; 
Figure 6, step 602), and wherein the item of data is indexed within the Keystore using an alias 
(Specification, pg. 10, lines 3-8; Figure 3, 308). A determination of whether the requestor is a 
trusted requestor is made (Specification, pg. 15, lines 16 - 18; Figure 6, step 602). This 
determination is made by checking the requestor's identity against a codebase of trusted users 
(Specification, pg. 8, lines 26 - 27). In response to a determination that the requestor is a trusted 
requestor, a copy of the requested item of data is decrypted using a second key (Specification, pg. 
8, lines 26 - 27; pg. 10, lines 12-19; Figure 3 t 322; Figure 6, step 606). The decrypted copy of 
the requested item of data is sent to the requestor (Specification, pg 10, lines 19 - 20; pg. 16, 
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lines 4-5; Figure 6, step 608). 

CLAIM 7 - DEPENDENT 

The subject matter of claim 7 is directed to a method for managing access to data in a 
keystone in a data processing system. A request for access to an item of data, wherein the request 
includes an alias (Specification, pg. 1 1, lines 16 - 25), is received from a requestor, 
(Specification, pg. 15, lines 14-16; Figure 6, step 600) wherein the item of data is an encrypted 
item of data, which is encrypted using a first key (Specification, pg. 15, lines 16-18; Figure 6, 
step 602), and wherein the item of data is indexed within the Keystore using the alias 
(Specification, pg. 10, lines 3-8; Figure 3, 308). A determination of whether the requestor is a 
trusted requestor is made (Specification, pg. 15, lines 16 - 18; Figure 6, step 602). This 
determination is made by checking the requestor's identity against a codebase of trusted users 
(Specification, pg. 8, lines 26 - 27). In response to a determination that the requestor is a trusted 
requestor, a copy of the requested item of data is decrypted using a second key (Specification, pg. 
8, lines 26 - 27; pg. 1 0, lines 12-19; Figure 3, 322; Figure 6, step 606). The decrypted copy of 
the requested item of data is sent to the requestor (Specification, pg 10, lines 19-20; pg. 16, 
lines 4-5; Figure 6, step 608). If the requestor is determined not to be a trusted requestor, a null 
result is sent to the requestor (Specification, pg. 13, lines 19-23; pg, 16 lines 8-11; Figure 6, 
step 612), 

CLAIM 13 - DEPENDENT 

The subject matter of claim 13 is directed to a Keystore system. The Keystore system 
includes a Keystore object and a Keystore process (Specification pg. % line 19- pg 10, line 12; 
Figure 3 300, 318). The Keystore object includes a key and a plurality of entries wherein each 
entry of the plurality of entries is encrypted using the key (Specification pg. 9, lines 22-26; 
Figure 3, 302, 310), and wherein the plurality of entries is indexed using a plurality of aliases 
(Specification, pg. 10, lines 3 - 8, 21-23; Figure 3, 302, 306). The Keystore process provides 
access to the plurality of entries in response to a request from a trusted application (Specification 
pg. 10, lines 14-15), wherein the request includes an alias for a requested entry (Specification, 
pg. 11, lines 16 - 25). The determination as to whether or not an application is a trusted 
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application is performed by checking an application's identity against a trusted codebase 
(Specification, pg. 8, lines 26 - 27), In response to a request from a trusted application, the 
Keystore process provides the key to the encrypted plurality of entries to the application 
(Specification pg. 10, lines 17 - 20). 

CLAIM 14 - DEPENDENT 

The subject matter of claim 14 is directed to a Keystore system. The Keystore system 
includes a Keystore object and a Keystore process (Specification pg. 9, line 19 - pg 10, line 12; 
Figure 3 300, 318). The Keystore object includes a first key, a first plurality of entries wherein 
each entry of the first plurality of entries is encrypted using the first key (Specification pg. 9, 
lines 22 - 26; Figure 3, 302, 310), and a second plurality of entries corresponding to the first 
plurality of entries in an unencrypted form encrypted with a second key (Specification, pg. 10, 
lines 12 - 14; pg. 1 1, lines 4-8; Figure 3). The Keystore process provides access to the plurality 
of entries in response to a request from a trusted application (Specification pg. 1 0, lines 14-15). 
The determination as to whether or not an application is a trusted application is performed by 
checking an application's identity against a trusted codebase (Specification, pg. 8, lines 26 - 27), 
In response to a request from a trusted application, the Keystore process provides the key to the 
encrypted plurality of entries to the application (Specification pg. 10, lines 17 - 20). 14. 

CLAIM 23 - DEPENDENT 

The subject matter of claim 23 is directed to a data processing system for managing 
access to data in a datastore. The data processing system comprises a receiving means 
(Specification, pg. 6, lines 8-9; Figure 2, 220), a determining means (Specification, pg. 6, lines 
8-9; Figure 2, 202), and a sending means (Specification, pg. 6, lines 8-9; Figure 2, 206). The 
receiving means receives a request for access to an item of data from a requestor, (Specification, 
pg. 15, lines 14-16; Figure 6, step 600) wherein the hem of data is an encrypted item of data, 
which is encrypted using a first key (Specification, pg. 15, lines 1 6 - 1.8; Figure 6, step 602), and 
wherein the item of data is another key (Specification, pg. 10, lines 7-8; Figure 3, 310). The 
determining means determines whether the requestor is a trusted requestor (Specification, pg. 1 5, 
lines 16*18; Figure 6, step 602). This determination is made by checking the requestor's 
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identity against a codebase of trusted users (Specification, pg. 8, lines 26 - 27). In response to a 
determination that the requestor is a trusted requestor, a copy of the requested item of data is 
decrypted using a second key (Specification, pg. 8, lines 26 - 27; pg. 1 0, lines 12-19; Figure 3, 
322; Figure 6 4 step 606). The sending means sends the decrypted copy of the requested item of 
data is sent to the requestor (Specification, pg 10, lines 19-20; pg. 16, lines 4-5; Figure 6, step 
608). 

CLAIM 25 - DEPENDENT 

The subject matter of claim 25 is directed to a data processing system for managing 
access to data in a datastore. The data processing system comprises a receiving means 
(Specification, pg. 6, lines 8 - 9; Figure 2, 220), a determining means (Specification, pg. 6 ? lines 
8-9; Figure 2, 202), and a sending means (Specification, pg. 6, lines 8-9; Figure 2, 206). The 
receiving means receives a request for access to an item of data from a requestor, (Specification, 
pg. 1 5, lines 14-16; Figure 6, step 600) wherein the item of data is an encrypted item of data, 
which is encrypted using a first key (Specification, pg, 15, lines 16-18; Figure 6, step 602), 
wherein the item of data is indexed within a Keystore using an alias (Specification, pg. 1 0, lines 
3-8; Figure 3* 308). The determining means determines whether the requestor is a trusted 
requestor (Specification, pg. 15, lines 16 — 18; Figure 6, step 602). This determination is made 
by checking the requestor's identity against a codebase of trusted users (Specification, pg. 8, lines 
26 - 27). In response to a determination that the requestor is a trusted requestor, a copy of the 
requested item of data is decrypted using a second key (Specification, pg. 8, lines 26 * 27; pg. 10, 
lines 1 2-19; Figure 3, 322; Figure 6> step 606). The sending means sends the decrypted copy of 
the requested item of data is sent to the requestor (Specification, pg 10, lines 19-20; pg. 16, 
lines 4-5; Figure 6, step 608). 

CLAIM 26 - DEPENDENT 

The subject matter of claim 25 is directed to a data processing system for managing 
access to data in a datastore. The data processing system comprises a receiving means 
(Specification, pg. 6, lines 8-9; Figure 2, 220), a determining means (Specification, pg. 6, lines 
8-9; Figure 2, 202), and a sending means (Specification, pg, 6, lines 8-9; Figure 2, 206). The 
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receiving means receives a request for access to at) item of data from a requestor, (Specification, 
pg. 1 5, lines 14-16; Figure 6, step 600), wherein the request includes an alias (Specification, 
pg. 1 1 s lines 16-25) and wherein the item of data is an encrypted item of data, which is 
encrypted using a first key (Specification, pg. 15, lines 16-18; Figure 6, step 602), wherein the 
item of data is indexed within a Keystore using the alias (Specification, pg. 10, lines 3-8; 
Figure 3, 308). The determining means determines whether the requestor is a trusted requestor 
(Specification, pg. 15, lines 16-18; Figure 6, step 602). This determination is made by 
checking the requestor's identity against a codebase of trusted users (Specification, pg. 8, lines 
26 - 27). In response to a determination that the requestor is a trusted requestor, a copy of the 
requested item of data is decrypted using a second key (Specification, pg. 8 ? lines 26 - 27; pg. 10, 
lines 12-19; Figure 3, 322; Figure 6, step 606). The sending means sends the decrypted copy of 
the requested item of data is sent to the requestor (Specification, pg 10, lines 19-20; pg, 16, 
lines 4-5; Figure 6, step 608). If the requestor is determined not to be a trusted requestor, a 
returning means sends a null result to the requestor (Specification, pg. 13, lines 19 - 23; pg, 1 6 
lines 8-1 1 ; Figure 6, step 612). 

CLAIM 1 1 - INDEPENDENT 

The subject matter of claim 1 1 is directed to a method for managing access to data in a 
keystore in a data processing system. A request for access to an item of data is received from a 
requestor (Specification, pg. 15, lines 14-16; Figure 6, step 600), wherein the item of data is an 
encrypted item of data, which is encrypted using a first key (Specification, pg. 1 5, lines 16-18; 
Figure 6, step 602). A detennination of whether the requestor is a trusted requestor is made 
(Specification, pg. 15, lines 16-18; Figure 6, step 602). This determination is made by 
checking the requestor's identity against a codebase of trusted users (Specification, pg. 8, lines 
26 - 27). In response to a detennination that the requestor is a trusted requestor, a second key and 
an encrypted copy of the requested item of data is sent to the requestor (Specification, pg. 3, lines 
9-11). 

CLAIM 15 - INDEPENDENT 

The subject matter of claim 15 is directed to a data processing system. The data 
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processing systems comprises a bus (Specification, pg. 6, lines 2-4; Figure 2, 206), a 
communications unit connected to the bus (Specification, pg* 6, lines 14-16; Figure 2, 210), a 
memory unit connected to the bus (Specification, pg. 6, lines 8-9; Figure 2, 204), and a 
processor unit connected to the bus (Specification, pg. 6, lines 8-9; Figure 2, 202). Data is sent 
and received via the communications unit (Specification, pg. 7, lines 25 - 29). A set of 
instructions is located in the memory (Specification, pg. 7, lines 7 - 1 1 , pg 8, lines 14-18). The 
processor unit executes the set of instructions to receive a request for access to an item of data 
from a requestor (Specification, pg. 15, lines 14-16; Figure 6, step 600), wherein the item of 
data is an encrypted item of data, which is encrypted using a first key (Specification, pg. 15, lines 
16 - 18; Figure 6, step 602). A determination of whether the requestor is a trusted requestor is 
made (Specification, pg. 15, lines 16-18; Figure 6, step 602). This determination is made by 
checking the requestor's identity against a codebase of trusted users (Specification, pg. 8, lines 
26 - 27). Tn response to a determination that the requestor is a trusted requestor, a second key and 
an encrypted copy of the requested item of data is sent to the requestor (Specification, pg. 3, lines 
9-11). 

CLAIM 30 - INDEPENDENT 

The subject matter of claim 30 is directed to a data processing system for managing 
access to data in a datastore. The data processing system comprises a receiving means 
(Specification, pg, 6, lines 8-9; Figure 2, 220), a detennining means (Specification, pg. 6, lines 
8-9; Figure 2, 202), and a sending means (Specification, pg. 6, lines 8-9; Figure 2, 206). The 
receiving means receives a request for access to an item of data is received from a requestor 
(Specification, pg. 15, lines 14-16; Figure 6, step 600), wherein the item of data is an encrypted 
item of data, which is encrypted using a first key (Specification, pg. 15, lines 16-18; Figure 6, 
step 602). The determining means determines whether the requestor is a trusted requestor 
(Specification, pg. 15, lines 16- 18; Figure 6, step 602). This determination is made by 
checking the requestor's identity against a codebase of trusted users (Specification, pg. 8, lines 
26 - 27). In response to a determination that the requestor is a trusted requestor, the sending 
means sends a second key and an encrypted copy of the requested item of data is sent to the 
requestor (Specification, pg. 3, lines 9 - 11), 
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CLAIM 31 - INDEPENDENT 

The subject matter of claim 31 is directed to a computer program product in a com puter 
readable medium for managing access to data in a datastore. A first set of instructions receives a 
request for access to an item of data from a requestor (Specification, pg. 15, lines 14-16; Figure 
6, step 600), wherein the item of data is an encrypted item of data, which is encrypted using a 
first key (Specification, pg. 15, lines 16-18; Figure 6, step 602). A second set of instructions 
determines whether the requestor is a trusted requestor (Specification, pg, 15, lines 16-18; 
Figure 6, step 602). This determination is made by checking the requestor's identity against a 
codebase of trusted users (Specification, pg. 8, lines 26 - 27). In response to a determination that 
the requestor is a trusted requestor, a third set of instructions sends a second key and an 
encrypted copy of the requested item of data to the requestor (Specification, pg. 3, lines 9-11). 
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GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 



GROUND OF REJECTION (Claims 1, 2, 4-21 AND 23-32) 

Claims 1, 2, 4-21 and 23-32 stand rejected under 35 U.S.C. § 103(a) as being unpatenable over 
Cane et al. (U.S. Patent No. 5,940,507) in view of Padgett et al. (U.S. Patent No. 6,167,51 8). 
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ARGUMENT 

35 U.S.C. S 103(a), Obviousness, Claims 1. 2. 4-21 and 23-32 

The examiner has rejected claims 1, 2, 4-21 and 23-32 under 35 U.S.C. § 103(a) as being 
unpatentable over Cane et al. (U.S. Patent No. 5,940,547) in view of Padgett et aJ. (U.S. Patent 
No. 6,167,518). 

A. Claims 1. 2, 4-10, 12-14, 20. 21. 23-29 and 32 

As to independent claims 1 9 12, 20 and 32, the Final Office Action states: 

With regard to claims 1 ? 2, 5, 1 2, 20, 21, 24, and 32, as best understood, 
Cane discloses a method for managing access to data in a processing system 
(column 1 lines 17-19) including, receiving a request for first key (column 3 lines 
59-61) encrypted data, determining whether the requestor is trusted, decrypting a 
copy of the data (column 4 lines 1 7-1 9) with a second key (column 4 lines 23-26) 
and sending the decrypted data (column 4 lines 16-37). Cane discloses using 
additional security (column 2 lines 32-33), but does not specifically mention 
identifying the client by checking his identity against a database. Padgett 
discloses that a key store can be public, as in Cane, but can also be restricted 
through authentication (column 3 lines 9-15). It would have been obvious for one 
of ordinary skill in the art to authenticate the client in Cane, for Cane's stated 
motivation of adding additional security. 

Final Office Action dated December 22, 2004. 

A fundamental notion of patent law is the concept that invention lies in the new 
combination of old elements. Therefore, a rule that every invention could be rejected as obvious 
by merely locating each element of the invention in the prior art and combining the references to 
formulate an obviousness rejection is inconsistent with the very nature of "invention." 
Consequently, a rule exists that a combination of references made to establish a prima facie case 
of obviousness must be supported by some teaching, suggestion, or incentive contained in the 
prior art which would have led one of ordinary skill in the art to make the claimed invention. 

The inquiry is not whether each element existed in the prior art, but whether the invention 
as a whole is obvious in light of the prior art. Hartness International Inc. v. Simplimatic 
Engineering Co., 819 F.2d 1 100, 2 U.S.P.Q.2d 1826 (Fed. Cir. 1987) 
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The examiner bears the burden of establishing a prima facie case of obviousness based on 
the prior art when rejecting claims under 35 U.S.C § 103- In re Fritch, 972 F.2d 1260, 23 
U.S.P,Q.2d 1780 (Fed. Cir. 1992). 

Additionally, in comparing Cane to the claimed invention, the claim limitations of the 
presently claimed invention may not be ignored in an obviousness determination. 

The present invention in claim 1, which is representative of independent claims 12, 20 
and 32 with regard to similarly recited subject matter, recites: 



1 . A method in a data processing system for managing access to data in a 
keystore, the method comprising: 

receiving a request for access to an item of data from a requestor, wherein 
the item of data is encrypted using a first key; 

determining whether the requestor is a trusted requestor, wherein the 
determining step is performed by checking a requestor's identity against a trusted 
codebase; 

responsive to a determination that the requestor is a trusted requestor, 
decrypting a copy of the item of data using a second key to form a decrypted ifcm 
of data; and 

sending the decrypted item of data to the requestor. 

Cane does not teach all the elements as alleged by the Examiner. Specifically, Cane does not 
teach the feature of "responsive to a determination that the requestor is a trusted requestor, 
decrypting a copy of the item of data using a second key to form a decrypted item of data" Such 
a feature is not taught or suggested by Cane. Therefore, claim 1 is not obvious in view of Cane 
because the features believed to be disclosed by this cited reference are not present. 

The Examiner points to column 4, lines 16-37 of Cane, reproduced below for the 
convenience of the Board, as teaching the feature of "responsive to a determination that the 
requestor is a trusted requestor, decrypting a copy of the item of data using a second key to form 
a decrypted item of data." 

Upon receipt of the encrypted file 20 and the encrypted key 24, the archive 
server 30 writes the encrypted file 32 to a magnetic tape 36, or other medium or 
long term storage which is inexpensive and which need not encompass real time 
access, via tape drive 34 at step 120. The encrypted key 38 is then written to a 
tape index file 40 at step 122 s thereby associating the magnetic tape volume 36 
with the encrypted file 32 and the encrypted key 38. In alternative embodiments, a 
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further encryption operation may be performed at the archive server on the 
encrypted file 32 or the encrypted key 38 to add an additional layer of security. 

Recovery of a file is accomplished by the archive server referencing the 
index to obtain the encrypted key and the volume of the encrypted file. The 
encrypted file is then retrieved from the volume, and both the encrypted key and 
the encrypted file are transmitted back to the client. The client then recovers the 
file through the same two stage process used to encrypt* First, the secondary key 
must be recovered by decrypting the encrypted key with the master. Second, the 
original file may be recovered by decrypting the encrypted file with the secondary 
key. 

The passage above teaches that an archive server receives an encrypted file and an encrypted key. 
The archive server stores the encrypted file in a storage medium, and the encrypted key is written 
to an index file. When a client, who is the owner of the data, wants to access the stored data, the 
archive server uses the index to obtain the encrypted key and file, and sends them to the client. 
The client may then use the same two stage process used to encrypt the file to recover the file. 

The two stage process used to encrypt the file is explained in general terms, in Cane, column 

3, lines 31 through 44: 

An archive transaction for a file stored at the source system encompasses 
encryption of the file on the source system using a secondary key, encryption of 
the secondary key on the source system using a master key, and transmission of 
the encrypted file and the associated encrypted key to the archive server. 
Transmission is electronic via computer network, or in alternative embodiments 
by physical delivery of a suitable magnetic medium. The archive server then 
stores the encrypted file on magnetic tape or another medium of long term storage, 
and stores the encrypted key along with an index to the tape containing the 
encrypted file. The master key used to encrypt fte secondary key is retained on the 
source system. 

The two stage process is explained in greater detail in Cane, column 3, lines 56 through column 

4, line 1 : 

A key generator 16 then generates a secondary key 18 as shown in step 102, 
and uses this key to encrypt the file 10 as shown in step 104 to produce an 
encrypted file 20, at step 106. The master encryption key 22 is then obtained in 
step 1 08 and used to encrypt the secondary key in 18, as shown at step 110, and 
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produce an encrypted key 24, as indicated in step 112. Note that since the same 
master key is used to encrypt multiple secondary keys it need be generated only 
once and then reused for successive secondary keys. The encrypted file 20 and 
encrypted key 24 are then transmitted to the archive server at steps 1 16 and 118, 
respectively, while the master key 22 is retained at the source system 8 at step 
114. 

The two passages cited above teach a system wherein a file that is encrypted is stored at an 
archive server. The file is encrypted at the source location using a key called a secondary key. 
The secondary key is then itself encrypted using a key called a master key. The encrypted file and 
Ihe encrypted secondary key are sent to the archive server. The encrypted file is stored on a long 
term storage device. The encrypted secondary key along with an index containing the location of 
the encrypted file are stored together. The master key, which is the key used to encrypt the 
secondary key is retained at the source system. The master key is not sent to the archive server 
and the archive server has no control over the master key. 

Therefore, to recover an encrypted file, me client, who is the owner of the data, requests 
the encrypted file and the encrypted key be returned from the archive server. The archive server 
then retrieves the stored encrypted secondary key and the index containing the location of the 
encrypted file. The encrypted file is then retrieved. Then the encrypted file and the encrypted 
secondary key are sent to the client. The requestor has to use the master key to decrypt the 
encrypted secondary key. Once the secondary key has been decrypted, the secondary key is used 
A secondary key is recovered by decrypting the encrypted key with the master key which is 
retained at the client, and the original file is recovered by decrypting the encrypted file with the 
secondary key. Therefore, in Cane, only the owner of the data, the possessor of the master key, 
may actual ly decrypt the encrypted file and gain access to the stored data. In contradistinction, 
the present invention receives a request for a first item of data encrypted with a first key and 
instead ' decrypts a copy of the first item of data us ing a second key. In other words, the 
encrypted file in Cane is not a copy of an item of data wherein th e original item of data is 
encrypted using a first key and the copy is encrypted with a second, different key, as in claim 1 . 

The present invention recites the feature of "responsive to a determination that the 
requestor is a trusted requestor, decrypting a copy of the item of data using a second key to form 
a decrypted item of data." According to an aspect of the present invention, when a user adds an 
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item of data or file to a key store, a duplicate copy of that item is also created in the key store. The 
original item is encrypted using a key, the first key, as normal. However, the duplicate copy of 
the item is encrypted using a different key, the second key. Therefore, under the method of the 
present invention when a user adds an item of data, or file, to a keystore, or archive server, the 
end result is that two version of the item are stored, the original item and a duplicate copy of the 
item. Each version is separately encrypted using a different key for each item. When a request for 
the particular original item of data is received by the keystore, the keystore then determines 
whether or not the requestor belongs to a class of requestors called "trusted requestors.*' If the 
requestor is a trusted requestor, the keystore retrieves the encrypted copy of the item of data and 
uses the second key to decrypt the encrypted copy of the item of data. The keystore sends this 
decrypted copy of the item of data to the trusted requestor. Therefore, when it has been 
determined by the keystore that a requestor is a trusted requestor, the keystore decrypts a copy of 
the item of data using the second key. Cane does not teach or suggest this. Instead, Cane teaches 
that only one version of the file exists at the archive server, the original encrypted file. Therefore, 
as Cane teaches that there is only one version of the encrypted file exists at the archive server, 
Cane cannot teach "decrypting a copy of the item of data using a second key to form a decrypted 
item of data." Thus, Cane does not teach the feature of "responsive to a determination that the 
requestor is a trusted requestor, decrypting a copy of the item of data using a second key to form 
a decrypted item of data" 

Additionally, Cane teaches that only a requestor who possesses the master key can 
decrypt the original encrypted file, since the master key is need to decrypt the encrypted 
secondary key and the decrypted secondary key is needed to decrypt the encrypted file. Cans in 
column 3, line 64 to column 4, line 1 , further teaches that the master key is retained by the client 
at the client's own system and it is not sent to the archive server: 

The encrypted file 20 and encrypted key 24 are then transmitted to the 
archive server at steps 116 and 1 18, respectively, while the master key 22 is 
retained at the source system 8 at step 114. 
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Block 1 14 in Figure 2 farther illustrates that the master key is retained at the client in Cane: 




Lit 



F1Q.2 



Thus, as the roaster key is needed to decrypt the stored data, and as the master key is 
stored at the data source/client. Cane merely teaches that the source client is the only requestor 
able to decrypt the stored data. Therefore, Cane teaches that the archive server cannot decrypt the 
stored encrypted original file. Thus, Cane cannot teach "decrypting a copy of the item of data 
using a second key to form a decrypted item of data." Therefore, Cane does not teach the feature 
of "responsive to a determination that the requestor is a trusted requestor, decrypting a copy of 
the item of data using a second key to form a decrypted item of data." 

Furthermore, Cane does not teach a "trusted requestor." Canes teaches that the requestor 

for the data, or encrypted file, is the client or owner of the encrypted file and that only this 

requestor, exclusively, can decrypt the files and access the underlying data since a master key is 

necessary to decrypt the file and only the client who original sent the encrypted file possesses the 

master key. This exclusivity is a goal of Cane as stated in column 2, lines 63 through 67: 

One benefit provided by this arrangement is the elimination of access to 
data by the archive server, therefore providing the source organization with 
assurances of access control and privacy, while relieving the source organization 
of archive cataloging and physical storage duties. 
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In contrast, as stated on page It, lines 4 through 7 of the specification: 

One feature of the present invention is to create not only the entry that the 
user or application desired, but an additional entry for use by trusted applications. 

Therefore, in claim of the present invention, access to the data contained in the stored file is not 
limited exclusively to that of the source provider. But, rather, access is specifically intended for 
and granted to another group of users, which is much broader then merely the source provider of 
the file, called trusted requestors. The trusted requestors do not have access to the data initially 
intended to be stored, but only to the copy of the data, as explained in the specification, page 8, 
lines 24 though 27: 

This section duplicates the data in a portion of that Keystore, but protects 
the data with a different password. Entries from this new section are available to 
any class from a trusted codebase. 

Thus, a client, or source of the encrypted file, as taught by Cane i s not the same as a trusted 
requestor in claim of the present invention. Therefore, Cane does not teach the feature of 
"responsive to a determination that the requestor is a trusted requestor, decrypting a copy of the 
item of data using a second key to form a decrypted item of data." 

Therefore, for all the reasons stated above, Cane does not teach the feature of "responsive 
to a determination that the requestor is a trusted requestor, decrypting a copy of the item of data 
using a second key to form a decrypted item of data." Therefore, claim 1 is not obvious in view 
of Cane because the features believed to be disclosed by this cited reference are not present. 
Additionally, Padgett does not cure the deficiencies of Cane. Padgett is cited for the purpose of 
teaching the feature of "wherein the determining step is performed by checking a requestor's 
identity against a trusted codebase," and does not teach the feature of "responsive to a 
determination that the requestor is a trusted requestor, decrypting a copy of the item of data using 
a second key to form a decrypted item of data." Thus, the combination of Cane with the Padgett 
reference would not reach the presently claims invention as recited in claim 1. Therefore, the 
examiner has failed to state a prima facie case of obviousness. 

In addition, claim J recites the feature of "sending the decrypted item of data to the 
requestor." This feature is not taught or suggested by Cane. The examiner alleges that this feature 
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is taught by Cane, column 4, lines 16 through 37, cited above. As was discussed above, and 
illustrated in Figure 2, reproduced above, Cane teaches that "both the encrypted key and the 
encrypted file are transmitted back to the client." (Cane, col. 4, lines 31-32). Furthermore, as 
Cane teaches that a master key, which is retained by the source provider at the source provider's 
location, is need to decrypt the encrypted secondary key and that the decrypted secondary key is 
needed to decrypt the encrypted file, it follows that Cane cannot teach sending a decrypted item 
of data to the source file as the archive server has no way of decrypting the encrypted file. 
Therefore, Cane does not teach the feature of "sending the decrypted item of data to the 
requestor," as recited in claim 1 of the present inventioa Therefore, claim 1 is not obvious in 
view of Cane because the features believed to be disclosed by this cited reference arc not present. 

Additionally, claim 1 recites the feature of "determining whether the requestor is a trusted 
requestor, wherein the determining step is performed by checking a requestor's identity against a 
trusted codebase." The examiner has stated and Appellants agree that Cane does not teach the 
feature of "wherein the determining step is performed by checking a requestor's identity against a 
trusted codebase." However, Cane also does not teach "deterrnining whether the requestor is a 
trusted requestor," as alleged by the examiner. The examiner has consistently mischaracterized 
this feature as stating "determining whether the requestor is trusted," and has pointed to Cane, 
column 4, lines 17-19, cited above, as teaching this feature. Cane, column 4, lines 17-19 does not 
teach this feature. However, another passage of Cane cited by the examiner, column 2, lines 32- 
33, does refer, in very general terms, to authentication: 

Additional security and authentication measures can also be taken. 

It appears that the examiner has equated verifying the authenticity of the requestor's 
identification with "determining whether the requestor is a trusted requestor." However, as was 
discussed above, a "trusted requestor" refers to a class or groups of classes of users and 
applications that are authorized to have access to the duplicate items of data stored in the 
keystore. Therefore, verifying that a requestor is trusted, or authenticating the requestor's 
identity, is not the same as "determining whether the requestor is a trusted requestor." For 
example, a user could request access to a piece of data and the authenticity of the user's 
identification could be verified but the user may still not be a member of one the classes granted 
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permission to access 1he stored copy of the item of data- Thus, the user would be "trusted" as 
asserted by the examiner but the user is not a "trusted requestor" as that term i s used in claim 1 . 
Therefore, Cane does not teach Metermining whether the requestor is a trusted requestor." 

Additionally, as was discussed above, regarding the feature of "responsive to a 
determination that the requestor is a trusted requestor, decrypting a copy of the item of data using 
a second key to form a decrypted item of data," Cane does not teach or suggest a "trusted 
requestor." As Cane does not teach a "trusted requestor," it follows that Cane cannot teach 
"determining whether the requestor is a trusted requestor." Therefore, Cane does not teach 
"determining whether the requestor is a trusted requestor." 

Therefore, for all the reasons stated above, Cane does not teach the feature of , 
"determining whether the requestor is a trusted requestor, wherein the determining step is 
performed by checking a requestor's identity against a trusted codebase." Therefore, claim 1 is 
not obvious in view of Cane because the features believed to be disclosed by this cited reference 
arc not present. 

Furthermore, Cane does not teach, suggest, or give any incentive to make the needed 
changes to reach the presently claimed invention. Cane actually teaches away from the presently 
claimed invention because Cane teaches that the data is stored using a two stage encryption 
process, involving a master key and a secondary key, whereby the encrypted file and associated 
encrypted key are stored at an archive server while the original source retains the master key (see 
Cane, col. 3, lines 32-44). Therefore, Cane teaches that only the source of the data can decrypt 
the encrypted data. In contrast, the present invention teaches that the archiving server has the 
ability to decrypt the information stored therein, and that trusted requestors can access and 
manipulate a stored copy of the data whether or not the data originated with the trusted requestor. 
Absent some teaching, suggestion, or incentive to modify Cane in this manner, the presently 
claimed invention can be reached only through an improper use of hindsight using the 
Applicants' disclosure as a template to make the necessary changes to reach the claimed 
invention. 

Furthermore, Padgett does not cure the deficiencies of Cane. Padgett does not teach the 
features missing from Cane including "determining whether the requestor is a trusted requestor, 
wherein the determining step is performed by checking a requestor's identity against a trusted 
codebase," and "responsive to a determination that the requestor is a trusted requestor, decrypting 
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a copy of the item of data using a second key to form a decrypted item of data" and "sending the 
decrypted item of data to the requestor ? nor does the examiner point to any portion of Padgett 

that teaches these features. 

The examiner points to Padgett column 3, lines 9 through 15 as teaching "wherein the 
determining step is performed by checking a requestor's identity against a trusted codefaastf*: 

The certificate is stored in a database and is sent to the registrant. 
Preferably, the database is public with no restriction as to who may access the 
stored certificate data. Alternatively, access to the database may be restricted to, 
for example, employees of a particular corporation or government department, 
database subscribers, or members of a stock exchange. 

The above cited passage teaches that a digital certificate can be stored in a database and 
that it may be desirable to limit access to the database of stored digital certificates based upon a 
variety of possible limitations. However, nowhere does this passage or Padgett teach how this to 
accomplish the limiting of access. Nowhere does this passage or any passage of Padgett teach 
using a trusted codebase. Therefore, Padgett does not teach "wherein the determining step is 
performed by checking a requestor's identity against a trusted codebase?' Therefore, claim 1 is 
not obvious because the features believed to be disclosed by Padgett are not present Thus, the 
combination of the Cane reference with Padgett would not reach the presently claims invention 
as recited in claim 1 . Therefore, the examiner has failed to state a prima facie case of 
obviousness. 

Thus, claims 1 , 1 2, 20 and 32 are patentable over the cited references because 
combination of the Cane reference with the Padgett reference does not teach or suggest the 
presently claimed invention. Accordingly, for all the above reasons, Appellants submit that the 
Final Rejection of claims 1 , 12, 20 and 32 is improper, and respectfully request that the Final 
Rejection be reversed. 

Claims 2, 4-1 0, 1 3, 14, 21 and 23-29 are dependent claims which depend on independent 
claims 1, 12, 20, and 32. As Appellants have already demonstrated claims 1 , 12, 20, and 32 to be 
in condition for allowance, Appellants respectfully submit that claims 2, 4-10, 13, 14, 21 and 23- 
29 are also allowable at least by virtue of their depending from an allowable claim. 



(Appeal Brief Page 25 of 40) 
Leung ct al. - 09/75 1 ,576 



PAGE 27/42' RCVD AT 5/2712005 3:38:12PM [Eastern DayDght Tone] * SVfcUSPTO-EFXRF-1/2 * DMS:8729306 * CSD:9723S57766 * DURATION (mm-ss):1M4 



05/27/2085 14:39 9723857766 



YEE & ASSOCIATES, PC 



PAGE 



Accordingly, for all the above reasons, Appellants submit that the Final Rejection of 
claims 2, 4-10, 13, 14, 21 and 23-29 is improper, and respectfully request that the Final Rejection 
be reversed. 

A.1 Claims 4 and 23 

Additionally the claims recite other features not found in the cited references. For 
example, claims 4 and 23 recite the feature of "wherein the item of data is another key." This 
feature is not taught or suggested by Cane. The examiner alleges that Cane discloses that "one of 
the data items is a key, decrypted by the server key." (Final Office Action, page 2). However, the 
examiner does not give a complete reference as to where in Cane this feature is taught as the 
reference given by the examiner only states "column 1 6-26." As there are not 16 columns in 
Cane, Appellants assume that 1 6-26 refers to the line numbers and that a reference to the exact 
column has been omitted. Appellants assume that that the examiner intended to reference column 
4, lines 1 6-26, cited above, in this rejection. However, Cane, column 4, lines 16-26 do not teach 
the feature of therein the item of data is another key." Instead Cane teaches an encrypted file 
and an encrypted key are returned to the requestor. The requestor then uses a master key to 
decrypt the encrypted key and the decrypted key is then used to decrypt the encrypted file. 
Nowhere does this passage of Cane teach or suggest that encrypted file is another, third key. 
Cane refers to the file as being data. Therefore Cane does not teach the feature of "wherein the 
item of data is another key," as recited in claims 4 and 23 of the present invention. 

A.2 Claims 6* 7* 25 and 26 

Additionally claims 6 and 25 recite the feature of "wherein the item of data is indexed 
within the Key store using an alias." The examiner points to Cane, column 4, lines 37 through 41 
as teaching this feature: 

Referring to FIGS. J and 3, for file recovery the archive server searches 
the tape index disk file 40 at step 200 to lookup the encrypted key 44 and the 
location of the magnetic tape volume 36. 
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The above cited passage teaches that the encrypted key and the location of the magnetic tape 
volume containing the encrypted are stored in an index. However, Cane does not teach that 
encrypted file is indexed using an alias. Therefore, the passage of Cane does not teach the feature 
of wherein the item of data is indexed within the Keystore using an alias," as recited in claims 6 
and 25 of the pre$ent invention. 

A.2-A glaims 7 and 26 

Furthermore, claims 7 and 26 recite the feature of "responsive to an absence of a 
determination that the requestor is a trusted requestor, returning a null result to the requestor." 
Cane docs not teach this feature. The examiner points to Cane, column 4, lines 37 through 41 , 
cited above, as teaching this feature. However, as was discussed above in regards to claims 6 and 
25, Cane, column 4, lines 37 through 41 teaches that the encrypted key and the location of the 
magnetic tape volume containing the encrypted are stored in an index. Additionally, as was 
discussed above in regards to claim 1, Cane does not teach a trusted requested. Therefore, it 
follows that Cane does not teach the feature of responsive to an absence of a determination that 
the requestor is a trusted requestor, returning a null result to the requestor " as recited in claims 7 
and 26 of the present invention. 



A3 Claim 13 

Additionally claim 13 recites the feature of therein the plurality of entries is indexed 
using a plurality of aliases and wherein the request includes an alias for a requested entry " Cane 
does not teach this feature. The examiner points to Cane, column 4, lines 37 through 41, cited 
above, as teaching this featwe. However, as was discussed above in regards to claims 6 and 25, 
Cane, column 4, lines 37 through 41 teaches that the encrypted key and the location of the 
magnetic tape volume containing the encrypted are stored in an index. However, the passage of 
Cane does not teach that a plurality of entries, or encrypted files, is indexed using a plurality of 
aliases. Nor does the passage of Cane teach that a request for access to an entry includes an alias 
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The above cited passage teaches that the encrypted key and the location of the magnetic tape 
volume containing the encrypted are stored in an index. However, Cane does not teach that 
encrypted file is indexed using an alias. Therefore, the passage of Cane does not teach the feature 
of wherein the item of data is indexed within the Keystore using an alias," as recited in claims 6 
and 25 of the present invention. 

A.2.A Claims 7 and 26 

Furthermore, claims 7 and 26 recite the feature of "responsive to an absence of a 
determination that the requestor is a trusted requestor, returning a null result to the requestor." 
Cane does not teach this feature. Hie examiner points to Cane, column 4, lines 37 through 41, 
cited above, as teaching this feature. However, as was discussed above in regards to claims 6 and 
25, Cane, column 4, lines 37 through 41 teaches that the encrypted key and the location of the 
magnetic tape volume containing the encrypted are stored in an index. Additionally, as was 
discussed above in regards to claim 1, Cane does not teach a trusted requested. Therefore, it 
follows that Cane does not teach the feature of responsive to an absence of a determination that 
the requestor is a trusted requestor, returning a null result to the requestor," as recited in claims 7 
and 26 of the present invention. 



A.3 Claim 13 

Additionally claim 13 recites the feature of therein the plurality of entries is indexed 
using a plurality of aliases and wherein the request includes an alias for a requested entry." Cane 
does not teach this feature. The examiner points to Cane s column 4, lines 37 through 41, cited 
above, as teaching this feature. However, as was discussed above in regards to claims 6 and 25, 
Cane, column 4, lines 37 through 41 teaches that the encrypted key and the location of the 
magnetic tape volume containing the encrypted are stored in an index. However, the passage of 
Cane does not teach that a plurality of entries, or encrypted files, is indexed using a plurality of 
aliases. Nor does the passage of Cane teach that a request for access to an entry includes an alias 
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11. A method in a data processing system for managing access to data in a 
keystore, the method comprising: . 

receiving a request for access to an item of data from a requestor, wherein 
the item of data is encrypted using a first key; 

determining whether the requestor is a trusted requestor, wherem the 
determining step is performed by checking a requestor's identity against a trusted 
codebase; and 

responsive to a determination that the requestor is a trusted requestor, 
sending a second key and an encrypted copy of the item of data to the requestor. 

As was discussed above in regards to claim 1, Cane does not teach the feature of "determining 
whether the requestor is a trusted requestor, wherein the determining step is performed by 
checking a requestor's identity against a trusted codebase." Therefore, claim 1 1 is not obvious in 
view of Cane because the features believed to be disclosed by this cited reference are not present. 
Additionally, as was discussed above in regards to claim 1 , Padgett does not cure the deficiencies 
of Cane. Padgett is cited for the purpose of teaching the feature of therein the determining step 
is performed by checking a requestor's identity against a trusted codebase," which, as was 
discussed above regarding claims 1 , Padgett does not teach. Thus, the combination of Cane with 
the Padgett reference would not reach the presently claims invention as recited in claim 1 1 . 
Therefore, the examiner has failed to state a prima facie case of obviousness. 

Additionally, claim 1 1 recites the feature of "responsive to a determination that the 
requestor is a trusted requestor, sending a second key and an encrypted copy of the item of data 
to the requestor." This feature is not taught or suggested by Cane. The examiner points to Cane, 
column 4, lines 29 through 31, reproduced above, as teaching this feature. However, Cane, 
column 4, lines 29 through 3 1 teaches that "both the encrypted key and the encrypted file are 
transmitted back to the client." Sending an encrypted key and the original encrypted file to the 
client is not the same as sending a second, unencrypted key and an encrypted copy of the file. 
Therefore Cane does not teach the feature of "responsive to a determination that the requestor is 
a trusted requestor, sending a second key and an encrypted copy of the item of data to the 
requestor"" 

Furthermore, as was discussed above regarding claim U Cane does not teach a trusted 
requestor. Therefore Cane cannot teach the feature of "responsive to a determination that the 
requestor is a trusted requestor, sending a second key and an encry^ed copy of the item of data 
to the requestor." Therefore, claim 1 1 is not obvious in view of Cane because the features 
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believed to be disclosed by this cited reference are not present. Thus, the combination of Cane 
with the Padgett reference would not reach the presently claims invention as recited in claim 11 . 
Therefore, the examiner has failed to state zprima facie case of obviousness. 

Thus, claims 1 1,1 5, 30 and 3 1 are patentable over the cited references because 
combination of the Cane reference with the Padgett reference does not teach or suggest the 
presently claimed invention. Accordingly, for all the above reasons, Appellants submit that the 
Final Rejection of claims 1 1 , 15, 30 and 31 is improper, and respectfully request that the Final 

Rejection be reversed. 

Claims 16-1 9 are dependent claims which depend on independent claim 15. As 
Appellants have already demonstrated claim 15 to be in condition for allowance, Appellants 
respectfully submit that claims 1 6-19 are also allowable at least by virtue of their depending from 
an allowable claim. 

Accordingly, for all the above reasons, Appellants submit that the Final Rejection of 
claims 16-19 is improper, and respectfully request that the Final Rejection be reversed. 
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INCLUSION 

For all the above reasons, Appellants submit that the Final Rejection of claims 1, 2, 4-21 
and 23-32 is improper, and respectfully request that the Final Rejection be reversed. 
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f?I,AIMS APPENDIX 
The text of the claims involved in the appeal are: 

1 , A method in a data processing system for managing access to data in a keystone, the 
method comprising: 

receiving a request for access to an item of data from a requestor, wherein the item of data 
is encrypted using a first key; 

determining whether the requestor is a trusted requestor, wherein the determining step is 
performed by checking a requestor's identity against a trusted codebase; 

responsi ve to a determination that the requestor is a trusted requestor, decrypting a copy 
of the item of data using a second key to form a decrypted item of data; and 

sending the decrypted item of data to the requestor. 

2. The method of claim 1 , wherein the requestor is an application. 

4. The method of claim 1 , wherein the item of data is another key. 

5. The method of claim I, wherein the item of data is a certificate. 

6. The method of claim 1 , wherein the item of data is indexed within the Keystore using an 
alias. 
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7. The method claim 6, wherein the request includes the alias further comprising: 
responsive to an absence of a determination that the requestor is a trusted requestor, 

returning a null result to the requestor. 

8. The method of claim 1 further comprising: 

responsive to receiving a request to add a new item of data to the Keystore, encrypting the 
new item of data to form an encrypted item of data; and 
storing the encrypted item of data in the Keystore, 

9. The method of claim 8 further comprising: 

storing an encrypted copy of the new item of data in the Keystore. 

1 0. The method of claim 8, wherein each item of data in the Keystore is associated whh an 
alias. 

11. A method in a data processing system for managing access to data in a keystore, the 
method comprising: 

receiving a request for access to an item of data from a requestor, wherein the item of data 
is encrypted using a first key; 

determining whether the requestor is a trusted requestor, wherein the determining step is 
performed by checking a requestor's identity against a trusted codebase; and 

responsive to a determination that the requestor is a trusted requestor, sending a second 
key and an encrypted copy of the item of data to the requestor. 
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12. A Key store system comprising: 
a Keystore object including: 

a key; and 

a plurality of entries, wherein each entry within the plurality of entries is encrypted using the 
key; and 

a Keystore process, wherein the Keystore process provides access to the plurality of 
entries in response to a request from a trusted application by providing the key to the trusted 
application and in response to a determination that the application is a trusted application, 
wherein the determination is performed by checking an application's identity against a trusted 
codebase* 

1 3 . The Keystore system of claim 1 2, wheiein the plurality of entries is indexed using a 
plurality of aliases and wherein the request includes an alias for a requested entry. 

14* The Keystore system of claim 12, wherein the plurality of entries is a first plurality of 
entries and wherein the Keystore object includes a second plurality of entries corresponding to 
the first plurality of entries in an unencrypted form encrypted with a second key. 

15. A data processing system comprising: 
a bus system; 

a communications unit connected to the bus, wherein data is sent and received using the 
communications unit; 

(Appeal Brief Page 34 oT40) 
Leung ct aL - 09/75 1 .576 

PAGE Ml 1 RCVD AT 5/27120(15 3:38:12 PM [Eastern Daylight Time] 1 SVR:USPT0-EFXRF-1/2 1 DNIS:8729306 1 CSID:9723857766 ' DURATION (mm-ss):! 1-14 



05/27/2095 14:39 9723857766 



YEE & ASSOCIATES, PC 



PAGE 



a memory connected to the bus system, wherein a set of instructions are located in the 
memory; and 

a processor unit connected to the bus system, wherein the processor unit executes the set 
of instructions to receive a request for access to an item of data from a requestor, wherein the 
item of data is encrypted using a first key, determine whether the requestor is a trusted requestor, 
wherein the determining step is performed by checking a requestor's identity against a trusted 
codebase, and send a second key and an encrypted copy of the item of data to the requestor in 
response to a determination that the requestor is a trusted requestor. 

16. The data processing system of claim 15, wherein the bus system includes a primary bus 
and a secondary bus. 

17. The data processing system of claim 15, wherein the processor unit includes a single 
processor. 

18. The data processing system of claim 1 5 9 wherein the processor unit includes a plurality of 
processors. 

1 9. The data processing system claim 1 5, wherein the communications unit is an Ethernet 
adapter. 
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20. A data processing system for managing access to data in a dalastore, the data processing 
system comprising: 

receiving means for receiving a request for access to an item of data from a requestor, 
wherein the item of data is encrypted using a first key; 

determining means for determining whether the requestor is a trusted requestor, wherein 
the determining step is performed by checking a requestor's identity against a trusted codebase; 
and 

decrypting means, responsive to a determination that the requestor is a trusted requestor, 
for decrypting a copy ofthe item of data using a second key to form a decrypted item of data; and 
sending means for sending the decrypted item of data to the requestor. 

21 . The data processing system of claim 20, wherein the requestor is an application. 

23. The data processing system of claim 20, wherein the item of data is another key. 

24. The data processing system of claim 20» wherein the item of data is a certificate. 

25. The data processing system of claim 20, wherein the item of data is indexed within the 
Keystore using an alias. 

26. The data processing system claim 25, wherein the request includes the alias further 
comprising: 

returning means, responsive to an absence of a determination that the requestor is a 
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trusted requestor, for returning a null result to the requestor, 

27. The data processing system of claim 20 further comprising: 

encrypting means, responsive to receiving a request to add a new item of data to the 
Keystone, for encrypting the new item of data to form an encrypted item of data; and 
storing means for storing the encrypted item of data in the Keystore. 

28. The data processing system of claim 27, wherein the storing means is a first storing 
means further comprising: 

second storing means for storing the new item of data in the Keystore. 

29. The data processing system of claim 27, wherein each item of data in the Keystore is 
associated with an alias. 

30. A data processing system for managing access to data in a datastore, the data processing 
system comprising: 

receiving means for receiving a request for access to an item of data from a requestor, 
wherein the item of data is encrypted using a first key; 

determining means for determining whether the requestor is a trusted requestor, wherein 
the determining step is performed by checking a requestor's identity against a trusted codebase; 
and 

sending means, responsive to a determination that the requestor is a trusted requestor, for 
sending a second key and an encrypted copy of the item of data to the requestor. 
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3 L A computer program product in a computer readable medium, for managing access to data 
in a datastore, the computer program product comprising: 

first instructions for receiving a request for access to an item of data from a requestor, 
wherein the item of data is encrypted using a first key; 

second instructions for detexmining whether the requestor is a trusted requestor^wherein 
the determining step is performed by checking a requestor's identity against a trusted codebase; 
and 

third instructions,, responsive to a determination that the requestor is a trusted requestor, 
for sending a second key and an encrypted copy of the item of data to the requestor. 

32, A computer program product in a computer readable medium for managing access to data 
in a datastore, the computer program product comprising: 

first instructions for receiving a request for access to an item of data from a requestor, 
wherein the item of data is encrypted using a first key; 

second instructions for determining whether the requestor is a trusted requestor, wherein 
the determining step is performed by checking a requestor's identity against a trusted codebase; 

third instruction, responsive to a determination that the requestor is a trusted requestor, 
for decrypting a copy of the item of data using a second key to form a decrypted item of data; and 

fourth instructions for sending the decrypted item of data to the requestor. 
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EVIDENCE APPENDIX 

There is no evidence to be presented 
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RELATED PROCEEDINGS APPENDIX 

There are no related proceedings. 
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